Privacy Policy
Kaira (“we”, “us”) is operated by the Kaira team. This policy describes how we handle personal data when you use the Kaira mobile app and related services.
1. Who we are
- Product: Kaira — a 66-day reset app for building habits across six life pillars.
- Contact: privacy@kairaa.app
- Primary market: United States (English)
2. Data we collect
Account and profile
- Email address and display name (via Google Sign In or Sign in with Apple)
- Authentication identifiers managed by Supabase Auth
- Profile settings (notification preferences, subscription state)
App activity (structured events only)
- Screen views, button taps, funnel steps (e.g. onboarding completed, check-in submitted)
- We do not send journal text, check-in notes, letters, or voice content to analytics tools.
Health and wellness content you create
- Habit titles, daily check-ins, pact text, letters to your future self, reflections
- Voice journal audio (stored until you delete it)
- Stored in Supabase Postgres (text) and Cloudflare R2 (audio)
Device and technical data
- Push notification tokens (Expo Push)
- Crash reports and performance data (Sentry)
- App version, device model, OS version
- Hashed user identifier for analytics (HMAC — not your raw user ID)
Payments
- Subscription status, product identifiers, trial dates (RevenueCat + Apple App Store)
- We do not store full payment card numbers; Apple processes payments.
AI interactions
- Task type, token counts, model used, cost (Langfuse + our database)
- Prompts and completions are processed by AI providers (Anthropic, OpenAI, Groq/Fireworks as configured) solely to generate Kaira's responses
- User-generated content in prompts is not sent to PostHog, Sentry, or BetterStack
3. How we use data
- Provide and improve the Kaira app (cycles, check-ins, AI moments, push reminders)
- Authenticate you and secure your account
- Process subscriptions and trials
- Send push and local notifications you opt into
- Monitor app stability and fix bugs (Sentry)
- Understand product usage in aggregate (PostHog)
- Monitor uptime of external services (BetterStack)
- Comply with legal obligations
We do not sell your personal data. We do not use your journal or letter content for advertising.
4. Service providers (subprocessors)
| Provider | Purpose | Data shared |
|---|---|---|
| Supabase | Database, auth, Edge Functions, Realtime | Account, app content, structured logs |
| Cloudflare R2 | Voice journal audio storage | Audio files |
| OAuth sign-in | Email, name (if granted) | |
| Apple | Sign in with Apple, App Store subscriptions | Email (optional relay), subscription receipts |
| RevenueCat | Subscription management | User ID, subscription events |
| Sentry | Error and performance monitoring | Crashes, device info (scrubbed of user content) |
| PostHog (EU cloud) | Analytics, feature flags, session replay | Hashed user ID, events (no user content) |
| BetterStack | Uptime monitoring | HTTP health checks only |
| Anthropic / OpenAI / Groq / Fireworks | AI text generation | Prompts containing your context for Kaira responses |
| Langfuse | AI observability | Traces with hashed user ID, token metrics |
| Deepgram / OpenAI | Speech-to-text for voice journals | Audio transcription (when used) |
| Expo | Push notification delivery | Push tokens, notification payloads |
Data processing agreements (DPAs) will be in place with applicable vendors before public launch.
5. Session replay and masking
PostHog session replay is configured with aggressive masking. Text inputs marked sensitive are masked by default. We review new UI components to avoid capturing private content in replays.
6. Data retention
- Account and app content: Until you delete your account or specific content
- Analytics events: Up to 1 year (PostHog)
- Error logs: Per Sentry retention settings
- AI traces: Per Langfuse retention; linked via hashed identifier
7. Your rights
Depending on your location, you may have the right to:
- Access, correct, or delete your personal data
- Export your data
- Object to or restrict certain processing
- Withdraw consent where processing is consent-based
Account deletion: Use in-app settings (when available) or contact privacy@kairaa.app. Our delete-user-data process removes Postgres rows, R2 audio, and requests deletion from PostHog, Sentry, RevenueCat, and Langfuse where applicable.
8. Security
- Row Level Security on all user tables in Supabase
- TLS in transit; encryption at rest with cloud providers
- Internal cron jobs protected by server-side secrets
- No storage of payment card details in our database
9. Children
Kaira is not directed at children under 13 (or 16 in the EEA). We do not knowingly collect data from children.
10. International transfers
Primary infrastructure is in the United States (Supabase us-east-1). PostHog analytics uses EU hosting where configured. Transfers rely on standard contractual clauses or equivalent safeguards where required.
11. Changes
We will update this policy before material changes take effect and revise the “Last updated” date. Continued use after changes constitutes acceptance where permitted by law.
12. Contact
Questions about this policy: privacy@kairaa.app